How to apply Basic Authentication In Web API.

Here, I will explain how to maintain security in Web API.

Step : 1 Create a method that validates the loginname and tokenkey. If they exist, return true; otherwise return false.
public static bool Vaidatecredentials(string loginname, string tokenkey)
{
    // Check if it is a valid credential.
    // Placeholder condition: replace `true` with a check that the login name
    // and token key exist in the DB. As written, every pair is accepted.
    if (true)
    {
        return true;
    }
    else
    {
        return false;
    }
}

Step : 2 Add a class that is used as the authorization filter. The class BasicAuthenticationAttribute inherits from the AuthorizationFilterAttribute abstract class.
using System.Net;
using System.Net.Http;
using System.Web.Http.Filters;

public class BasicAuthenticationAttribute : AuthorizationFilterAttribute
{
    public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
    {
        if (actionContext.Request.Headers.Authorization == null)
        {
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        }
        else
        {
            // Read the header parameter (the part after the scheme name)
            string Parameters = actionContext.Request.Headers.Authorization.Parameter;

            // Get loginname and tokenkey; split on the first ':' only, so a
            // missing parameter or a missing ':' is rejected instead of throwing
            string[] parts = (Parameters ?? string.Empty).Split(new[] { ':' }, 2);

            // Validate loginname and tokenkey (Vaidatecredentials is the method from Step 1)
            if (parts.Length != 2 || !Vaidatecredentials(parts[0], parts[1]))
            {
                // Return 401 Unauthorized
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
        }

        base.OnAuthorization(actionContext);
    }
}

Step : 3 Now we need to register the authorization filter. We can register it at the controller level.
 
[BasicAuthentication]  
public class BlogController : ApiController  
{  
    // Add your code here  
}  

Step : 4 Call the Web API using an AJAX request.
$.ajax({  
    url: 'http://localhost:9000/api/dcs',  
    type: "POST",  
    contentType: "application/json",  
    data: JSON.stringify(testdata),  
    dataType: "json",  
    headers: { 'Authorization': 'Basic ' + loginname + ':' + tokenkey },
    success: function (result) {  
        
    },  
    error: function (err) {  
        
    }  
});  
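
The steps above send and read loginname:tokenkey as plain text after "Basic"; the standard Basic scheme (RFC 7617) carries that pair Base64-encoded. The following is an added example, not code from the original post, showing how the filter in Step 2 could parse the standard form and reject malformed headers. BasicHeaderParser, TryParse and the sample values are hypothetical names and constructed data; the matching client would send 'Basic ' + btoa(loginname + ':' + tokenkey).

```csharp
using System;
using System.Net.Http.Headers;
using System.Text;

// Added example, not the post's code. BasicHeaderParser is a hypothetical name.
public static class BasicHeaderParser
{
    // Parses "Basic <base64(loginname:tokenkey)>". Returns false for a missing
    // header, another scheme, invalid Base64, or a pair with no ':' separator.
    public static bool TryParse(AuthenticationHeaderValue header,
                                out string loginname, out string tokenkey)
    {
        loginname = null;
        tokenkey = null;
        if (header == null || string.IsNullOrEmpty(header.Parameter) ||
            !string.Equals(header.Scheme, "Basic", StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        string decoded;
        try { decoded = Encoding.UTF8.GetString(Convert.FromBase64String(header.Parameter)); }
        catch (FormatException) { return false; } // parameter is not valid Base64

        // Split on the first ':' only, so the token key may contain ':' itself.
        int separator = decoded.IndexOf(':');
        if (separator < 1) { return false; } // no ':' or empty login name
        loginname = decoded.Substring(0, separator);
        tokenkey = decoded.Substring(separator + 1);
        return true;
    }

    public static void Main()
    {
        // Constructed samples: scheme and parameter. "YWxpY2U6a2V5OjE=" is
        // Base64 of "alice:key:1"; the other two must be rejected.
        string[][] samples = { new[] { "Basic", "YWxpY2U6a2V5OjE=" },
            new[] { "Basic", "alice:key" }, new[] { "Bearer", "YWxpY2U6a2V5OjE=" } };
        foreach (string[] s in samples)
        {
            string login, key;
            bool ok = TryParse(new AuthenticationHeaderValue(s[0], s[1]), out login, out key);
            Console.WriteLine("{0} {1} -> {2} [{3}] [{4}]", s[0], s[1], ok, login, key);
        }
    }
}
```

In the filter, the values returned by TryParse would be passed to Vaidatecredentials, and a false result would produce the same 401 response as a missing header.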
